Microsoft Azure Active Directory (AAD)
This object allows for the use of Microsoft AAD as an identity provider for accessing Dremio.
Identity Provider Object{
"type": "AZURE_AD",
"id": "acd23077-263a-4277-b5f6-926b1983c9de",
"isActive": true,
"domain": "dremio.onmicrosoft.com",
"clientID": "e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff",
"clientSecret": null
}
Identity Provider Attributes
type
String
The type of identity provider. For Microsoft AAD, this attribute value will always be AZURE-AD.
id
String (UUID)
The UUID to identify the identity provider.
Example acd23077-263a-4277-b5f6-926b1983c9de
isActive
boolean
Set to true if the identity provider is configured and enabled. Otherwise displays as false.
Example true
domain
String
The domain of your Azure AD account in the Azure portal.
Example dremio.onmicrosoft.com
clientID
String
The client ID or application ID of your registered Dremio application on the Azure portal.
Example e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff
clientSecret
String
The client secret of your registered Dremio application on the Azure portal.
Example The client secret is not shown in the object and so the value is returned as `null`
Adding Microsoft AAD
Add Microsoft AAD as an identity provider. After adding an IdP, activate it using the associated endpoint.
Adding Microsoft AADPOST /v0/identity-providers
Parameters
type
body
String
The type of identity provider. For Microsoft AAD, this attribute value will always be AZURE-AD.
isActive
body
boolean
Optional
Set to false to add Microsoft AAD as an identity provider.
domain
body
String
The domain for your Microsoft AAD account in the Azure portal.
clientID
body
String
The client ID or application ID of your registered Dremio application on the Azure portal.
clientSecret
body
String
The client secret of your registered Dremio application on the Azure portal.
For information on how to get the domain, client ID, and client secret from the Azure portal, see required Azure AD properties.
After adding an IdP, activate it using the associated endpoint.
curl -X POST 'https://api.dremio.cloud/v0/identity-providers/' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json' \
-d '{
"type": "AZURE_AD",
"isActive": "false",
"domain": "dremio.onmicrosoft.com",
"clientID": "e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff",
"clientSecret": "aaAaA_a1aA1A_A1aaa_1a~aaA1_A11-AA1"
}'
{
"id": "acd23077-263a-4277-b5f6-926b1983c9de"
}
Responses
200
Identity Provider added successfully
400
Bad input parameter
Retrieving Microsoft AAD
Get the metadata for Microsoft AAD by providing the identity provider ID that was returned on creation.
Retrieving Microsoft AADGET /v0/identity-providers/{id}
Parameters
id
path
String
The ID of the Microsoft AAD identity provider for which you want to retrieve metadata.
curl -X GET 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
{
"type": "AZURE_AD",
"id": "acd23077-263a-4277-b5f6-926b1983c9de",
"isActive": true,
"domain": "dremio.onmicrosoft.com",
"clientID": "e1cec408-4c58-4283-9b9b-9ec6a6e96f83",
"clientSecret": null
}
Responses
200
Identity Provider returned successfully
400
Bad input parameter
Activating Microsoft AAD
Activate Microsoft AAD as an identity provider, once configured. This will show Microsoft AAD as an option to users on the Dremio Cloud login page.
Activating Microsoft AADPOST /v0/identity-providers/{id}/activate
Parameters
id
path
String
The ID of the identity provider that you want to activate.
curl -X POST 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de/activate' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
No response
Responses
200
Identity Provider activated successfully
400
Bad input parameter
Deactivating Microsoft AAD
Deactivate Microsoft AAD. The Microsoft AAD option will no longer be available to users for authentication to Dremio Cloud and it will not be shown on the login page.
Deactivating Microsoft AADPOST /v0/identity-providers/{id}/deactivate
Parameters
id
path
String
The ID of the identity provider that you want to deactivate.
curl -X POST 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de/deactivate' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
No response
Responses
200
Identity Provider deactivated successfully
400
Bad input parameter
Deleting Microsoft AAD
Delete Microsoft AAD.
Deleting Microsoft AADDELETE /v0/identity-providers/{id}
Parameters
id
path
String
The ID of the identity provider that you want to delete.
curl -X DELETE 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
No response
Responses
200
Identity Provider deleted successfully
400
Bad input parameter